
Compliance Specialist

TransFICC
Location: London, UK
Published: 2 weeks ago
Compliance Management Systems / Technology
Location: Remote First; office location Moorgate, London (flexible remote working locations within UK/Europe)
Employment type: Permanent (open to contract as well)
Working Hours: Full-time (UK 9-6) or part-time
Salary: dependent on experience up to £60,000 + Shares + Benefits

We are hiring to enhance our Security and Compliance efforts. In this role, you will collaborate with Senior Leadership and Site Reliability Engineering to support our GRC initiatives.

We provide a low latency, high throughput distributed messaging system to the e-trading Fixed-income markets. We are foremost a technology service provider and support part of our customers' trading infrastructure.

You will help maintain positive customer relationships by handling compliance questions and making sure our security practices are effective and up-to-date.

Here's what you'll be doing:
  • Lead and Improve Compliance Programmes: manage internal control evaluations and testing to ensure adherence. Ensure compliance with industry standards such as DORA, ISO 27001, and SOC 2. Coordinate responses to internal and external audits, and facilitate independent security assessments, including third-party penetration tests.
  • Develop and Implement Security Policies: create information security policies, standards, and guidelines. Ensure data privacy practices comply with GDPR and relevant laws. Assess policy compliance, track risk exposure, and support continuous compliance initiatives.
  • Risk Management and Issue Resolution: establish and maintain a risk assessment process to identify, evaluate, and mitigate potential risks. Triage security issues and provide recommended solutions.
  • Stakeholder Communication and Reporting: respond to customer security questionnaires and produce management reports on security compliance and metrics for relevant committees.
  • Awareness and Training: design and deliver security policy awareness and training programmes, fostering a culture of security and data privacy throughout the organisation.
Above all, you will have:
  • 4+ years of experience in an infosec or compliance role.
  • Experience answering complex compliance questionnaires, ideally from Banks or highly regulated organisations.
  • Experience in developing and implementing information security policies, standards and procedures.
  • Completed a SOC 2 or ISO 27001 certification process for at least two organisations.
  • Experience implementing and managing a GRC automation tool.
Bonus points if you:
  • Have familiarity with security standards such as NIST CSF, DORA, SOX and AWS FTR.
  • Can comprehend penetration test and vulnerability scan results.
  • Have startup experience or a diverse skillset.
  • Can code or navigate a CLI.